The storage and networking company QNAP warned users of ongoing attacks targeting their NAS devices. The malware mines Bitcoin cryptocurrency using NAS devices’ hardware capabilities, resulting in decreased power efficiency and slower processing.
Restarting the device might be enough
The malware will create a new process named [oom_reaper] that mine Bitcoin. The process can take up to 50% of NAS’ CPU resources while mimicking a kernel process with PID higher than 1000. QNAP urged users to act immediately about protecting the NAS device. Interestingly, the company says that restarting the device might be enough to remove the malware.
QNAP also recommended users take those further steps to ensure the security of the NAS devices:
- Update QTS or QuTS hero to the latest version.
- Install and update Malware Remover to the latest version.
- Use stronger passwords for your administrator and other user accounts.
- Update all installed applications to their latest versions.
- Do not expose your NAS to the internet, or avoid using default system port numbers 443 and 8080.